2020-10-22 - TRAFFIC ANALYSIS EXERCISE - OMEGACAST
NOTICE:
- The zip archives on this page have been updated, and they now use the new password scheme. For the new password, see the "about" page of this website.
ASSOCIATED FILES:
- Zip archive of the pcap: 2020-10-22-traffic-analysis-exercise.pcap.zip 5.9 MB (5,864,610 bytes)
- 2020-10-22-traffic-analysis-exercise.pcap (6,535,212 bytes)
- Zip archive of the alerts: 2020-10-22-traffic-analysis-exercise-alerts-and-forensic-report.zip 2.7 MB (2,745,409 bytes)
- 2020-10-20-traffic-analysis-exercise-alerts.jpg (3,019,392 bytes)
- 2020-10-20-traffic-analysis-exercise-alerts.txt (8,393 bytes)
- 2020-10-22-traffic-analysis-exercise-forensic-report.txt (1,602 bytes)
- Malware & artifacts from the infected host: 2020-10-22-traffic-analysis-exercise-malware-and-artifacts.zip 739 kB (739,125 bytes)
SCENARIO
LAN segment data:
- LAN segment range: 10.72.33[.]0/24 (10.72.33[.]0 through 10.72.33[.]255)
- Domain: omegacast[.]net
- Domain controller: 10.72.33[.]10 - Omegacast-DC
- LAN segment gateway: 10.72.33[.]1
- LAN segment broadcast address: 10.72.33[.]255
TASK
- Figure out what's going on, maybe write an incident report. Whatever... I'm not your mother.
ANSWERS
- Click here for the answers.
Click here to return to the main page.